Home Digital ServicesApps MySejahtera: No breach in personal data despite users receiving unsolicited messages

MySejahtera: No breach in personal data despite users receiving unsolicited messages

by Victor Ng
1.2K views

The Ministry of Health (MoH) has reassured MySejahtera users that there has been no breach in data that caused random OTP SMS and emails to be sent to users.  

The spam messages were instead sent via API manipulation that’s related to MySejahtera’s Check-In feature.  

This feature allows businesses to generate QR codes for their establishments, but unknown parties had misused this feature to send OTP codes. 

mysejahtera rick roll

Image credit: Phakorn Kiong

The “Need Help” feature is also a culprit in allowing wrongdoers to send spam emails to other users. 

The MoH also noted in their press release that the MySejahtera app and website’s security has been heightened to prevent similar exploits in the software from appearing. 

You may also like